Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/cASyfuH0abUwpn-V7hmuZSIQ09c.roa
File: cASyfuH0abUwpn-V7hmuZSIQ09c.roa (raw, json)
Hash identifier: U2HpSDc4zJjb5yR4FxelHkJvS6rW6HvOOx+N/+WSuMk=
Subject key identifier: 70:04:B2:7E:E1:F4:69:B5:30:A6:7F:95:EE:19:AE:65:22:10:D3:D7
Certificate issuer: /CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Certificate serial: 019425214C7F903E23CC2FD53949525FEA77
Authority key identifier: 87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/cASyfuH0abUwpn-V7hmuZSIQ09c.roa
Signing time: Thu 02 Jan 2025 03:48:46 +0000
ROA not before: Thu 02 Jan 2025 03:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200233
IP address blocks: 138.124.176.0/24 maxlen: 24
147.87.0.0/16 maxlen: 24
193.5.80.0/21 maxlen: 24
2a07:6b40::/29 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:4c:7f:90:3e:23:cc:2f:d5:39:49:52:5f:ea:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8741ec17dc0309b13d88a67ea22dcbbb26a4e3a1
Validity
Not Before: Jan 2 03:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7004b27ee1f469b530a67f95ee19ae652210d3d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:16:a2:88:89:21:64:d5:35:e9:f3:00:ae:52:
08:c9:09:f8:d3:28:66:23:ce:7f:9a:a4:46:fb:78:
3a:20:f4:a3:05:e5:57:d7:e5:be:99:b4:d1:ec:49:
4e:ee:39:99:87:12:4a:da:b0:61:95:69:7c:38:73:
19:e0:b9:32:92:1f:f3:e9:a0:c6:07:78:01:0e:12:
68:84:c9:86:83:cd:2b:ca:69:62:af:83:23:ee:44:
b9:9f:78:5c:91:96:7a:cf:1b:fe:b4:6d:9d:b1:32:
8a:a3:26:f0:ea:29:19:b0:a4:54:b9:34:b2:c5:f4:
64:e5:05:74:57:e8:80:ac:ec:0b:d3:ec:84:27:54:
e6:ac:6f:02:f0:38:a1:98:7e:00:3b:6a:4e:11:a2:
f5:e8:8e:bb:bf:63:17:3a:ef:ca:25:49:0f:18:9e:
e4:a2:77:d3:5c:b3:b8:41:d5:9f:73:11:3e:56:6b:
31:46:85:59:d0:dc:72:2f:a5:a8:e9:30:6a:47:dc:
ac:40:44:60:24:f0:e4:03:75:33:09:04:c7:cb:a3:
fe:77:7b:d1:c1:ea:7e:5b:9c:23:af:26:72:89:a2:
c5:83:b2:d5:0d:b2:9b:1c:96:20:67:f4:bd:14:df:
75:65:6a:9b:5c:b1:29:b8:e4:c7:8d:a1:6d:72:f5:
a1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:04:B2:7E:E1:F4:69:B5:30:A6:7F:95:EE:19:AE:65:22:10:D3:D7
X509v3 Authority Key Identifier:
keyid:87:41:EC:17:DC:03:09:B1:3D:88:A6:7E:A2:2D:CB:BB:26:A4:E3:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0HsF9wDCbE9iKZ-oi3Luyak46E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/cASyfuH0abUwpn-V7hmuZSIQ09c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/3266f1-7c88-4f59-b566-1ac4a4007db4/1/h0HsF9wDCbE9iKZ-oi3Luyak46E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.176.0/24
147.87.0.0/16
193.5.80.0/21
IPv6:
2a07:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
a4:ec:3b:ee:dc:b5:a3:3d:27:5f:07:3c:a8:e1:bc:80:8f:6f:
cb:b4:f9:c1:fc:8e:d6:ea:53:ed:69:27:9b:a4:e1:7b:a9:2f:
6e:38:67:9d:fb:37:e1:89:ac:f5:70:8c:be:b7:95:57:40:06:
d5:68:56:ef:4e:6f:0c:95:b4:13:ab:2f:28:cf:b7:6a:28:14:
96:c0:d9:57:24:b9:ae:69:fb:78:91:00:3a:ce:6b:28:ae:8a:
da:8a:85:61:9d:7c:ae:4d:cf:af:a6:f2:2a:1f:bc:d4:a7:41:
8f:55:ac:6d:5c:36:1d:11:ae:32:57:f0:b0:cf:32:b2:ba:8f:
14:64:f8:87:76:27:17:c2:7f:db:37:55:3c:dc:9d:41:54:6a:
73:50:6f:67:c9:96:c8:bc:52:d6:34:d8:94:5f:7f:22:df:89:
5a:96:4e:67:a3:ba:45:06:5f:8c:46:08:b1:e4:c4:f2:7e:76:
74:2b:2f:d7:07:34:4a:c1:e4:b1:58:1e:be:a8:fc:49:aa:3d:
cb:de:4e:37:6b:b9:cd:5b:35:9f:53:76:81:ed:62:5a:00:95:
f1:5c:6d:dd:d0:e4:fe:81:d9:cc:0a:17:38:d7:dd:5f:09:c0:
60:8d:a3:a1:f9:a9:90:41:4b:e1:ff:5d:9c:c2:e3:cf:bc:81:
f9:2b:78:87
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQlIUx/kD4jzC/VOUlSX+p3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NDFlYzE3ZGMwMzA5YjEzZDg4YTY3ZWEyMmRjYmJiMjZh
NGUzYTEwHhcNMjUwMTAyMDM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDA0YjI3ZWUxZjQ2OWI1MzBhNjdmOTVlZTE5YWU2NTIyMTBkM2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBaiiIkhZNU16fMArlIIyQn40yhm
I85/mqRG+3g6IPSjBeVX1+W+mbTR7ElO7jmZhxJK2rBhlWl8OHMZ4Lkykh/z6aDG
B3gBDhJohMmGg80rymlir4Mj7kS5n3hckZZ6zxv+tG2dsTKKoybw6ikZsKRUuTSy
xfRk5QV0V+iArOwL0+yEJ1TmrG8C8DihmH4AO2pOEaL16I67v2MXOu/KJUkPGJ7k
onfTXLO4QdWfcxE+VmsxRoVZ0NxyL6Wo6TBqR9ysQERgJPDkA3UzCQTHy6P+d3vR
wep+W5wjryZyiaLFg7LVDbKbHJYgZ/S9FN91ZWqbXLEpuOTHjaFtcvWhTwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHAEsn7h9Gm1MKZ/le4ZrmUiENPXMB8GA1UdIwQY
MBaAFIdB7BfcAwmxPYimfqIty7smpOOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYt
MWFjNGE0MDA3ZGI0LzEvY0FTeWZ1SDBhYlV3cG4tVjdobXVaU0lRMDljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zMjY2ZjEtN2M4OC00ZjU5LWI1NjYtMWFjNGE0MDA3ZGI0
LzEvaDBIc0Y5d0RDYkU5aUtaLW9pM0x1eWFrNDZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQAinywAwMA
k1cDBAPBBVAwDQQCAAIwBwMFAyoHa0AwDQYJKoZIhvcNAQELBQADggEBAKTsO+7c
taM9J18HPKjhvICPb8u0+cH8jtbqU+1pJ5uk4XupL244Z537N+GJrPVwjL63lVdA
BtVoVu9ObwyVtBOrLyjPt2ooFJbA2Vckua5p+3iRADrOayiuitqKhWGdfK5Nz6+m
8iofvNSnQY9VrG1cNh0RrjJX8LDPMrK6jxRk+Id2JxfCf9s3VTzcnUFUanNQb2fJ
lsi8UtY02JRffyLfiVqWTmejukUGX4xGCLHkxPJ+dnQrL9cHNErB5LFYHr6o/Emq
PcveTjdruc1bNZ9TdoHtYloAlfFcbd3Q5P6B2cwKFzjX3V8JwGCNo6H5qZBBS+H/
XZzC48+8gfkreIc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:07:15 2025 by rpki-client